Survey, Any help appreciated |
Survey, Any help appreciated |
Mar 25 2009, 01:27 PM
Post
#1
|
|
Filthy Peasant Group: Newbie Members Posts: 3 Thank(s): 0 Points: 0 Joined: 25-March 09 Member No.: 4,080 |
Hi
I was hoping you could fill out this myspace type survey... it's research for a university assignment. If you'd prefer not to then thats good to 1. What is your favorite thing to wear? 2. Last thing you ate? 3. One place you will NEVER eat at? 4. Would you date anyone you met online? 5. The last place you went out to dinner to? 6. Who/What made you angry today? 7. What are your pets called? 8. Do you feel safe online? 9. Ever gone skinny dipping? 10. Favorite type of Food? 11. Favorite holiday: 12. Do you download music: 13. Opinion of Chinese symbol tattoos? 14. Have you ever bungee jumped? 15. Have you ever Sky-dived? 16. Have you ever gone white-water rafting? 17. Has anyone ten years older than you ever hit on you? 18. How many pets do you have? 19. What are you listening to right now? 20. What is your current favorite song? 21. What was the last movie you watched? 22. Do you wear contacts? 23. Where was the last place you went besides your house? 24. What are you afraid of? 25. How many piercings have you had? 26. Do you have any tatoos 27. What do you usually order from Starbucks? 28. Have you ever fired a gun: 29. Are you missing someone? 30. Favorite TV show? 31. Ever done an IQ test, if so what score? 32. Favorite movie of all time? 33. Have you ever been caught doing something you weren't suppose to? 34. Favorite smell? 35. Butter, plain, or salted popcorn? 36. Do you consider yourself bad/average/good with computers? 37. Do you like Michael Jackson? 38. What's the longest time you've gone without sleep? 39. Where is the weirdest place you have slept? 40 Who was your last phone call? thank you. |
|
|
Mar 25 2009, 01:29 PM
Post
#2
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
hmmm...
-------------------- |
|
|
Mar 25 2009, 02:22 PM
Post
#3
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
1. What is your favorite thing to wear?
Not being a great follower of fashion, Jeans I guess 2. Last thing you ate? Apple 3. One place you will NEVER eat at? McDonalds 4. Would you date anyone you met online? spose 5. The last place you went out to dinner to? 'Upstairs at the grill' 6. Who/What made you angry today? An old version of Linux and some BMC software not working 7. What are your pets called? * 8. Do you feel safe online? * yes 9. Ever gone skinny dipping? Don't think so actually 10. Favorite type of Food? *Chilli! 11. Favorite holiday: Snowboarding or possibly diving in Thailand 12. Do you download music: Indeedily 13. Opinion of Chinese symbol tattoos? don't like some, can be bit tacky 14. Have you ever bungee jumped? yes 15. Have you ever Sky-dived? yes 16. Have you ever gone white-water rafting? yes 17. Has anyone ten years older than you ever hit on you? unfortunately 18. How many pets do you have? none at the moment 19. What are you listening to right now? Prodigy new album 20. What is your current favorite song? * I quite like the BPA toejam 21. What was the last movie you watched? Far cry 2... my brain feels squishy now 22. Do you wear contacts? Sometimes 23. Where was the last place you went besides your house? Work as usual 24. What are you afraid of? Not a great fan of dentists, no general fears though. 25. How many piercings have you had? about 4 26. Do you have any tatoos nope 27. What do you usually order from Starbucks? macchiato or latte 28. Have you ever fired a gun: Yes, including a sniper rifle and an ak47 29. Are you missing someone? perhaps 30. Favorite TV show? * Family guy i guess 31. Ever done an IQ test, if so what score? yes, 142 /boast 32. Favorite movie of all time? *maybe fight club or lord of the rings 33. Have you ever been caught doing something you weren't suppose to? fraid so 34. Favorite smell? fresh coffee 35. Butter, plain, or salted popcorn? depends on my mood 36. Do you consider yourself bad/average/good with computers? *good, hehe 37. Do you like Michael Jackson? well, he's hot.. oh right...if you mean musically then yeah 38. What's the longest time you've gone without sleep? about 40 hours, I was hallucinating by the end of that one 39. Where is the weirdest place you have slept? In a train station, in a farmers field, on some stairs 40. Who was your last phone call? insurance company spam thank you. [/quote] * ok Mark, at first I thought this was spam but on investigation it turn out to be legitimate college (not university ) work. Basically a college level psychology-esque piece of work realting to social engineering. What we have here is several usual myspaz type survey questions with a couple of custom ones rolled in, the purpose of which is to guage whether people reveal details about themselves that could be used against them e.g. gaining passswords, if the password was a pets name etc., and a general questions asking computer based expertise to correlate this against how people perceive their IT knowledge and whether they inadvertantly give out potentially revealing information. Obviously after this explanation this renders the survey results from this site invalid, however it is more important for me to ensure security of user accounts here. Sorry. Your details led me to a website you've made penetration testing (a pet subject of mine ), While no doubt social engineering does work, I believe a lot more security breaches are weak password related, combined with brute forcing. It takes very little time to brute force a 5 character dictionary word + 3 number type password. I would suggest you change your website password and mark me down as the first successful security breach Anyway, good luck with the school project and if you get a copy of Left 4 Dead you should drop by for a game MonkeyFiend P.S. A good one for social engineering is to ask people what their pornstar name is (explaining that you make their pornstar name using their street name and their mothers maiden name) - quite a subtle way of getting 2 bits of personal info -------------------- |
|
|
Mar 25 2009, 04:45 PM
Post
#4
|
|
Paddle Master Group: Clan Members Posts: 2,085 Thank(s): 30 Points: 317 Joined: 3-December 07 Member No.: 50 |
It takes very little time to brute force a 5 character dictionary word + 3 number type password. I would suggest you change your website password and mark me down as the first successful security breach rofl i dont think its deletion worthy... especially on request by someone who rarely comes here ;p -------------------- |
|
|
Mar 25 2009, 04:54 PM
Post
#5
|
|
Knight Errant Group: SM Guild Members Posts: 543 Thank(s): 0 Points: 102 Joined: 29-October 07 Member No.: 32 |
his favourite tv show is family guy
/sigh |
|
|
Mar 25 2009, 05:25 PM
Post
#6
|
|
Man at arms Group: Clan Members Posts: 161 Thank(s): 0 Points: 67 Joined: 13-February 09 From: Aberdeenshire Member No.: 4,071 |
This looks like one of those password phishing questionaires!!!
-------------------- |
|
|
Mar 25 2009, 06:40 PM
Post
#7
|
|
Knight Errant Group: Clan Members Posts: 645 Thank(s): 0 Points: 79 Joined: 18-November 07 From: Swindon Member No.: 43 |
1. Blue hoody
2. Some mixed fruit and nuts 3. Wimpy 4. Erm why not 5. Burger King 6. My english teacher 7. n/a 8. Relatively 9. Nope 10. Lasagne 11. Canada 12. Yep 13. Bit common 14. Nope and never will 15. Want to 16. Yes 17. Not that |I know of. But i hope my business teacher does shes hawt 18. 0 19. Radio 1 20. 65daysofstatic - Await Rescue 21. High School Musical 3 22. Yep 23. School 24. Moths 25. 0 26. Nope 27. Espresso or Frappacino 28. Air rifle and .2 rifle. And a deactivated bullet less AK47 which my dad has 29. no 30. QI, Family Guy 31. Yes cant remember between 90-100 32. Snatch 33. Plenty of times 34. Petrol, Meths, Coffee, Bacon 35. Butter 36. good 37. no 38. 44 hours 39. In a field using a guys leg as a pillow 40. Girl friend -------------------- |
|
|
Mar 25 2009, 11:04 PM
Post
#8
|
|
Knight Lieutenant Group: Clan Members Posts: 824 Thank(s): 0 Points: 218 Joined: 30-December 07 From: Brighton Member No.: 54 |
1. What is your favorite thing to wear?
Salopettes 2. Last thing you ate? Hash brownie 3. One place you will NEVER eat at? The Ritz 4. Would you date anyone you met online? Depends how ugly they are 5. The last place you went out to dinner to? Moshi Moshi 6. Who/What made you angry today? Southern Train conductor 7. What are your pets called? Magik5 8. Do you feel safe online? Not with Monkey around 9. Ever gone skinny dipping? Nope 10. Favorite type of Food? Edible food 11. Favorite holiday: Reading Festival 2005 12. Do you download music: No, I'm quite a materialistic person when it comes to music I like 13. Opinion of Chinese symbol tattoos? They always say, 'I'm a fag who can't read Chinese' or something of that reflection 14. Have you ever bungee jumped? Nope 15. Have you ever Sky-dived? Nope 16. Have you ever gone white-water rafting? YES!!!! 17. Has anyone ten years older than you ever hit on you? Nope 18. How many pets do you have? Refer to question 7 answer 19. What are you listening to right now? Long train runnin' - The doobie brothers 20. What is your current favorite song? It changes a lot, but atm, The riverboat song - OCS 21. What was the last movie you watched? Quantum of solace 22. Do you wear contacts? Yup 23. Where was the last place you went besides your house? Imperial College 24. What are you afraid of? Cable, he keeps coming on to me 25. How many piercings have you had? None 26. Do you have any tatoos Nope 27. What do you usually order from Starbucks? Tea! 28. Have you ever fired a gun: Nope 29. Are you missing someone? Yes, but thats a story for another time 30. Favorite TV show? South park 31. Ever done an IQ test, if so what score? Never taken one 32. Favorite movie of all time? The first batman film with Adam West 33. Have you ever been caught doing something you weren't suppose to? Yup 34. Favorite smell? Issey Miyake or a good old 2 stroke engine, absolute bliss 35. Butter, plain, or salted popcorn? All popcorn is wrong 36. Do you consider yourself bad/average/good with computers? Very bad 37. Do you like Michael Jackson? When he was black 38. What's the longest time you've gone without sleep? I can't remember 39. Where is the weirdest place you have slept? The boot of a peugeot 306 40 Who was your last phone call? My brother Hope this helps with your work dude. -------------------- There are 10 types of people in this world, those who understand binary and those who don't |
|
|
Mar 26 2009, 09:21 AM
Post
#9
|
|
Filthy Peasant Group: Newbie Members Posts: 3 Thank(s): 0 Points: 0 Joined: 25-March 09 Member No.: 4,080 |
fuck, didnt think my motive for my project would be that obvious. Thx tho.
1 question i have MonkeyFriend I understand you gained access to the webhost through a weak password which was part of the challenge, but how did you make the raw access logs show monkey-waz-ere-2009 like 10000 times? I asked my teacher and have looked on the web and everyone reckons this is impossible, how can you access a website without leeving any trace or IP in the logs? Everyone I've asked has said this is impossible????? I've secured the weakness on the website and have used a complex brute force proof pasword.. you can try and get in again if you want thx Mark |
|
|
Mar 26 2009, 09:26 AM
Post
#10
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
I'll reply to this (and take a look at the website) later... when I get some time free
However I just wanted to say IT'S MONKEYFIEND FIEND! with an FIE! There's no R in there! MONKEYFIEND! -------------------- |
|
|
Mar 26 2009, 11:39 AM
Post
#11
|
|
Knight Lieutenant Group: Clan Members Posts: 989 Thank(s): 1 Points: 215 Joined: 5-June 08 From: Tyler, Texas, US Member No.: 124 |
loling for the rest of the day cause of this!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
def don't delete this monkeyfriend!!!! -------------------- |
|
|
Mar 26 2009, 12:09 PM
Post
#12
|
|
Knight Lieutenant Group: Clan Members Posts: 989 Thank(s): 1 Points: 215 Joined: 5-June 08 From: Tyler, Texas, US Member No.: 124 |
1. What is your favorite thing to wear?
nothing 2. Last thing you ate? McDonalds 3. One place you will NEVER eat at? Monkeys house 4. Would you date anyone you met online? your mom 5. The last place you went out to dinner to? McDonalds 6. Who/What made you angry today? rocks 7. What are your pets called? animals 8. Do you feel safe online? never 9. Ever gone skinny dipping? yes, by myself 10. Favorite type of Food? salad 11. Favorite holiday: none 12. Do you download music: no 13. Opinion of Chinese symbol tattoos? they scream out "I'm GAAAAY!!!" 14. Have you ever bungee jumped? no 15. Have you ever Sky-dived? no 16. Have you ever gone white-water rafting? no 17. Has anyone ten years older than you ever hit on you? yes, all the time 18. How many pets do you have? 3 19. What are you listening to right now? me typing 20. What is your current favorite song? can't touch this 21. What was the last movie you watched? Rocky 2 22. Do you wear contacts? no 23. Where was the last place you went besides your house? mail box 24. What are you afraid of? poo on a stick 25. How many piercings have you had? 1 26. Do you have any tatoos no 27. What do you usually order from Starbucks? coffee 28. Have you ever fired a gun: yes 29. Are you missing someone? no, everybody's here and counted for 30. Favorite TV show? family fued 31. Ever done an IQ test, if so what score? no 32. Favorite movie of all time? Rocky 2 33. Have you ever been caught doing something you weren't suppose to? touching myself at night 34. Favorite smell? vanilla 35. Butter, plain, or salted popcorn? no popcorn for me 36. Do you consider yourself bad/average/good with computers? the worst 37. Do you like Michael Jackson? why, did he say he likes me? 38. What's the longest time you've gone without sleep? what's sleep??? 39. Where is the weirdest place you have slept? jail 40 Who was your last phone call some dipshit tryin to ask me questions like these -------------------- |
|
|
Mar 26 2009, 01:10 PM
Post
#13
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
ok, finally got around to this again.
Your new password: Str0ng.p4ss***2 should indeed be enough to stop people brute forcing it.. better luck next time *** I've removed these numbers, you really shouldn't use any digits from a home phone number for anything online Logging in as you/web admin I wouldn't be able to falsify the raw access logs, so try ockhams razer: you know the logs are tampered, you know that it's impossible to login as an admin and tamper them, so in what others ways can they be tampered with? We're ok for security testing here, but thanks for the offer. Speaking of which, I see you beavering away with a bruteforce on http://sneakymonkeys.com/forums/admin area - so you can stop now, please As you may know invision uses this admin folder for super admin logins, which is precisely why I removed it and replaced it with a fake login page that has no users/passwords and doesn't go anywhere. I mean, it doesn't even look legitimate! It never fails to amuse me when people spend several days running dictionary and bruteforce attacks against this Anyway, this isn't a hacking tutorial site, so I'll wish you good luck with your projects MonkeyFiend (no R in FIEND!) -------------------- |
|
|
Mar 26 2009, 01:32 PM
Post
#14
|
|
Lifetime Ban Group: Banned Posts: 0 Thank(s): 0 Points: 116 Joined: 31-August 07 From: Liverpool Member No.: 2 |
Thought i'd do this for fun, since everyone else has
1. What is your favorite thing to wear? Flip Flops 2. Last thing you ate? Cereal 3. One place you will NEVER eat at? a weatherspoons 4. Would you date anyone you met online? never thought about it, since im stuck with monkey anyways 5. The last place you went out to dinner to? Rosies tearooms 6. Who/What made you angry today? accidentally waking up at 1 oclock 7. What are your pets called? n/a 8. Do you feel safe online? yeah 9. Ever gone skinny dipping? no 10. Favorite type of Food? pizza 11. Favorite holiday: Australia 12. Do you download music: Yeah 13. Opinion of Chinese symbol tattoos? meh 14. Have you ever bungee jumped? Nope 15. Have you ever Sky-dived? Nope 16. Have you ever gone white-water rafting? nope 17. Has anyone ten years older than you ever hit on you? yer 18. How many pets do you have? none 19. What are you listening to right now? nothing 20. What is your current favorite song? daft punk, stronger 21. What was the last movie you watched? i am legend 22. Do you wear contacts? no 23. Where was the last place you went besides your house? work 24. What are you afraid of? pigeons 25. How many piercings have you had? 11 26. Do you have any tatoos yes 27. What do you usually order from Starbucks? white hot chocolate 28. Have you ever fired a gun: Nope 29. Are you missing someone? nah 30. Favorite TV show? Bones 31. Ever done an IQ test, if so what score? 116 rings a bell 32. Favorite movie of all time? Lord of the rings maybe? cant really think 33. Have you ever been caught doing something you weren't suppose to? Yup 34. Favorite smell? mens- Jean Paul Gaultier, womens- poison 35. Butter, plain, or salted popcorn? salted 36. Do you consider yourself bad/average/good with computers? average? 37. Do you like Michael Jackson? music yes, as a person-no hes a weirdo 38. What's the longest time you've gone without sleep? 53 hours 39. Where is the weirdest place you have slept? in a graveyard 40 Who was your last phone call? my friend faye |
|
|
Mar 26 2009, 01:37 PM
Post
#15
|
|
Paddle Master Group: Clan Members Posts: 2,085 Thank(s): 30 Points: 317 Joined: 3-December 07 Member No.: 50 |
but seriously, why try hack a website where you know the admin is incredibly more knowledgeable in the subject then you.
-------------------- |
|
|
Mar 26 2009, 04:53 PM
Post
#16
|
|
Knight Lieutenant Group: Clan Members Posts: 989 Thank(s): 1 Points: 215 Joined: 5-June 08 From: Tyler, Texas, US Member No.: 124 |
i love it when people do stupid shit like this. it's so funny!!!! is there a way we can get more of this?
what kind of teacher did mark ask? his english teacher? -------------------- |
|
|
Mar 27 2009, 11:17 AM
Post
#17
|
|
Filthy Peasant Group: Newbie Members Posts: 3 Thank(s): 0 Points: 0 Joined: 25-March 09 Member No.: 4,080 |
Sry bout the bruteforse - just wanted to see how the security was here. And to fid077 - no I obviously asked my IT tutor and along with that if you look around google I found whole bunches of people on experts-exchange, ask, answerbag that say it's not possible to adjust raw logs without leaving any trace.
Apart from the logs being tampered with and a crazy song about monkeys in the root. The only thing I've found from referrers a user with a custom operating system a custom browser with a .net version4.8 wtf? The IP resolved to south america, then resolved to vietnam, then didn't resolve anymore - how the hell can a IP point to different places and then go nowhere? |
|
|
Mar 27 2009, 11:35 AM
Post
#18
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
pfft, that dog won't hunt seigneur.
I notice lots of link-to's from your college, I assume this site has beeen posted on an intranet or something... unfortunately I'm not the IT equivalent of the pied-piper of hamlin, so will no be replying to "haxx0r my mates p00ter, plox" or "teach me everything you know in 24 hours" type posts or emails. There areplenty of books out there on security, protocols and computing in general. Go read -------------------- |
|
|
Mar 27 2009, 01:20 PM
Post
#19
|
|
Knight Lieutenant Group: Clan Members Posts: 989 Thank(s): 1 Points: 215 Joined: 5-June 08 From: Tyler, Texas, US Member No.: 124 |
maybe your in the wrong school. i showed a couple of my teachers this and they say it is simple. maybe u should change your major to nursing or something like that what school do you go too? where is it located?
-------------------- |
|
|
Mar 27 2009, 02:36 PM
Post
#20
|
|
Security and Projects Group: Clan Dogsbody Posts: 4,687 Thank(s): 1098 Points: 2,440 Joined: 31-August 07 From: A Magical Place, with toys in the million, all under one roof Member No.: 1 |
to be fair it's not that simple......
If this was some spotty linux wannabe that flattened their dell pc and stuck on red hat and apache just to be l33t, then yes... there's probably a lot one could do. If on the other hand we're talking about a shared linux/apache webhosting service.. same as many you'd rent from around the place. The markdorley user is not a superuser and has no root access. In fact he has no actual real permissions within the server structure. For reference kernel 2.6.24.2dn.am with apache 1.3.41 Assuming I created a site called markdorleycantdowebsites.com and was assigned by the powers ((or scripts) that be a user account called fidoisgay with permissions to write files within the public html or www direcotories The fidoisgay user is a restricted. Commonly (unfortunately.. chroot jail ftw!) the owner of the access-logs is root (0) - even if the fidoisgay user ftp'd to their shiny new hosting and went to their access-logs folder they would find a bunch of files with 640 or similar permissions owned by root, (-rw-r------ if you prefer), the group can read em, but only the owner can write to them and I mentioned before the owner is root . Fidoisgay would not be able to tamper with these files and would logout safe in the knowledge that his access logs are secure and could return to failing at bf2 -------------------- |
|
|
Lo-Fi Version | Time is now: 24th November 2024 - 01:37 PM |